This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Re: Definitely no sshd on FAT32?
- From: Igor Pechtchanski <pechtcha at cs dot nyu dot edu>
- To: Ian Brandt <ian at ianbrandt dot com>
- Cc: cygwin at cygwin dot com
- Date: Tue, 23 Mar 2004 14:45:11 -0500 (EST)
- Subject: Re: Definitely no sshd on FAT32?
- References: <40608855.8080605@ianbrandt.com>
- Reply-to: cygwin at cygwin dot com
On Tue, 23 Mar 2004, Ian Brandt wrote:
> Hi,
>
> I've been going through the archives and elsewhere, but just want to
> verify that I'm not missing anything. Is it definitely *not* possible to
> run sshd with cygwin installed on FAT32?
It is, but it won't be as secure. See below.
> I set CYGWIN to just "tty" when installing the service with
> ssh-host-config, since according to the Cygwin docs "ntsec" is ignored
> on FAT32 volumes.
FYI, "ntsec" is only ignored for the *disk* volumes, but it is used for a
bunch of other NT-enabled features that have nothing to do with disks
(e.g., user context switching). However, "ntsec" is on by default now, so
you aren't losing this functionality by omitting it.
> I'm getting the following in /var/log/sshd.log when trying to start...
>
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> @ WARNING: UNPROTECTED PRIVATE KEY FILE! @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> Permissions 0644 for '/etc/ssh_host_key' are too open.
> It is recommended that your private key files are NOT accessible by others.
> This private key will be ignored.
> bad permissions: ignore key: /etc/ssh_host_key
> Could not load host key: /etc/ssh_host_key
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> @ WARNING: UNPROTECTED PRIVATE KEY FILE! @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> Permissions 0644 for '/etc/ssh_host_rsa_key' are too open.
> It is recommended that your private key files are NOT accessible by others.
> This private key will be ignored.
> bad permissions: ignore key: /etc/ssh_host_rsa_key
> Could not load host key: /etc/ssh_host_rsa_key
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> @ WARNING: UNPROTECTED PRIVATE KEY FILE! @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> Permissions 0644 for '/etc/ssh_host_dsa_key' are too open.
> It is recommended that your private key files are NOT accessible by others.
> This private key will be ignored.
> bad permissions: ignore key: /etc/ssh_host_dsa_key
> Could not load host key: /etc/ssh_host_dsa_key
> Disabling protocol version 1. Could not load host key
> Disabling protocol version 2. Could not load host key
> sshd: no hostkeys available -- exiting.
Try turning off "StrictModes" in your sshd_config.
HTH,
Igor
> I tried chmod on the keys, but in accordance with the Cygwin docs it
> silently does nothing...
>
> /etc$ chmod go-r ssh*key
> /etc$ ls -al ssh*key
> -rw-r--r-- 1 ibrandt None 672 Mar 23 09:23 ssh_host_dsa_key
> -rw-r--r-- 1 ibrandt None 536 Mar 23 09:23 ssh_host_key
> -rw-r--r-- 1 ibrandt None 887 Mar 23 09:23 ssh_host_rsa_key
>
> Thanks,
> Ian
--
http://cs.nyu.edu/~pechtcha/
|\ _,,,---,,_ pechtcha@cs.nyu.edu
ZZZzz /,`.-'`' -. ;-;;,_ igor@watson.ibm.com
|,4- ) )-,_. ,\ ( `'-' Igor Pechtchanski, Ph.D.
'---''(_/--' `-'\_) fL a.k.a JaguaR-R-R-r-r-r-.-.-. Meow!
"I have since come to realize that being between your mentor and his route
to the bathroom is a major career booster." -- Patrick Naughton
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/